Category Archives: PowerShell and Active Directory

Are your domain controllers real?

A question on the forum asked about discovering if domain controllers are physical or virtual machines. This will do the job foreach ($domain in (Get-ADForest).domains) {   Get-ADDomainController -filter * -server $domain |   sort hostname  |   foreach { … Continue reading

Posted in PowerShell and Active Directory, PowerShell and CIM | Leave a comment

Name mismatch

Ever wondered why you can’t do this: Get-ADComputer -Filter * -SearchBase ‘OU=Servers,DC=Manticore,DC=org’ | Get-CimInstance -ClassName Win32_OperatingSystem The –ComputerName parameter on get-CimInstance accepts pipeline input BUT its by property name. PS> Get-Help Get-CimInstance -Parameter ComputerName -ComputerName [<String[]>]     Specifies computer on … Continue reading

Posted in PowerShell and Active Directory, PowerShell and CIM | Leave a comment

Modifying AD users in bulk

Modifying AD users in bulk involves either setting one or more properties to the same value for a set of users or reading in the values you need from a data source of some kind. We prepared some test data … Continue reading

Posted in PowerShell and Active Directory, Powershell Basics | Leave a comment

Test data for bulk AD changes

I’ve had a number of questions about changing AD user data in bulk. If you need to do that you need some test data. The specific questions were around setting the Division property and the EmployeeNumber at the same time … Continue reading

Posted in PowerShell and Active Directory, Powershell Basics | Leave a comment

Get-ADUser doesn’t display all properties

Microsoft’s Active Directory cmdlets have some issues. One of the ones that catches everyone when they start using them is that Get-ADUser doesn’t display all properties. A default call to Get-ADUser displays a subset of the available properties of the … Continue reading

Posted in PowerShell and Active Directory | 3 Comments

Active Directory Schema Versions

With the release of Windows Server 2016 its time to update my schema versions script $sch = [System.DirectoryServices.ActiveDirectory.ActiveDirectorySchema]::GetCurrentSchema() $de = $sch.GetDirectoryEntry() switch ($de.ObjectVersion) {     13{“{0,25} ” -f “Schema Version $($de.ObjectVersion) = Windows 2000”; break}     30{“{0,25} ” -f “Schema … Continue reading

Posted in PowerShell and Active Directory | Leave a comment

Changing the samAccountName

I was recently asked how the samAccountName – also referred to as the login id – could be changed. First lets look at an account: PS C:\Scripts> Get-ADUser -Identity ‘FredFox’ DistinguishedName : CN=FOX Fred,OU=UserAccounts,DC=Manticore,DC=org Enabled           : True GivenName         : Name              … Continue reading

Posted in PowerShell and Active Directory | Leave a comment